03:25 PM

PatchLink-SecureWave Merger Would Bolster Security With Or Without A Patch

PatchLink provides patch and vulnerability management, while SecureWave takes a whitelisting approach.

The sad fact is, malware writers haven't just gotten more prolific over the past few years, they've gotten faster and more creative. That's spawned a need for a more proactive approach to IT security, and it's what makes PatchLink's announcement last week that it's acquiring SecureWave intriguing.

PatchLink is a privately held provider of patch and vulnerability management software, and SecureWave made its bones through its Sanctuary product, which takes a "whitelisting" approach that allows only approved network traffic inside a company's firewall. Together, the vendors could address more effective patching, plus situations in which no patch yet exists. They'd have more than 5,000 customers, including PatchLink customers HSBC, NASA, and Thomson Financial. The all-stock transaction will give Mangrove Capital Partners, SecureWave's primary shareholder, a seat on PatchLink's board. In February, PatchLink acquired Stat vulnerability scanning and assessment technology from Harris Corp.

In May, SecureWave announced Sanctuary 4.2, the latest version of its endpoint security software that includes unified policy enforcement for centrally managing and monitoring device and application use on a company's PCs, laptops, and servers. Sanctuary also helps define and enforce policies for acceptable use of removable storage media and applications, letting administrators defend against data leakage as well as malware.

SecureWave's whitelisting approach is one answer to defending against zero-day attacks, those that strike vulnerabilities for which no patch exists. Yet whitelisting creates more administrative overhead by forcing IT managers to inventory systems to ensure that legitimate software isn't blocked.

Sanctuary already is designed to work with automated patching systems like PatchLink, and it includes a utility tool that automatically updates whitelists with patches and upgrades once the user creates a baseline listing of applications on the network.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.